{"report_id":"26851094-4dd1-48c0-9545-2f60f4749336","version":6,"status":"done","tags":[],"date":"2026-04-20T10:51:13Z","url":{"schema":"http","addr":"app-ondofinacne.help","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"title":"Explore | Ondo Finance","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"app-ondofinacne.help","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-25T10:51:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"app-ondofinacne.help","ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-04-12","domain_rank":0,"first_seen":"2026-04-20T10:51:18.108629Z","last_seen":"2026-04-20T10:51:18.108629Z","alert_count":27,"request_count":27,"received_data":5585657,"sent_data":17547,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"app-ondofinacne.help/assets/js/app.bundle.js?v=1","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ece2afe7425c47137b19ed927676d936","sha1":"bbae9d8bb33ab7b1cec99d9f610de89d59ed7590","sha256":"494c43f1e0bf612fca82b3721041351504ca84fc4d460a334859f4db362afd30","sha512":"8cff7142056e0d34d91487031a9790f41c7c65985af3d8bcdc9f7f983a61ae140580888b2df3071e2fa9935312a762ea46fe7f765d2c3c7ba467291c5953d8a5","ssdeep":"1536:aXleyju0oaCBgioHQIv7C/BGN1N5HhkexlS+w5f82d4AjG0Y9:aXEyS0BTHQo7Q2tHhkexl8w","tlshash":"45349359db93849c8f48069f80a2f945d9548d26ca5c74a7de1fccc0b62afb580c72bf","size":235151,"data":"","first_seen":"2026-04-20T10:51:23.434303Z","last_seen":"2026-04-20T10:51:23.434303Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/f6517f7c-c4cb-45e5-9017-122d29c63f83","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"53b876cbebc5d4392730bc2bee1c317d","sha1":"e075eb05e4cfb02bcc9b8e7bb510e7eabd276f10","sha256":"1db13eb5a0783db162565c24999dfc534ed68fbb2770d6a3830bfad6aa180664","sha512":"fa1c3f533ef4b848c01d55469ecaedc0d89532f799770ca1b96420555f625458c134b2c49e4c82c190927b0705f463602604b6db93fdc9d9994b4ebabbe40f08","ssdeep":"49152:T7OwPEZJs5u+UwW2QUSvhjG+EyY4bfO3xrQanJfCpszVtO8:D","tlshash":"fef523526c43b8a68f88536570f76d0b19990d13989cb0dfd764f9c2342dfa2c1eb92e","size":3440268,"data":"","first_seen":"2026-04-20T10:51:23.443943Z","last_seen":"2026-04-20T10:51:23.443943Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"8de04e3dc63af7585af0e827672eb149","sha1":"02ee5e4b4e73e430d629744c4b7a3e38c36ed06d","sha256":"123e2a4c9c65ad62ea2b0992b1f80073e18a341a810f9ba40d1c4cdc31f1e759","sha512":"a42fcbfd4fc45305b75c0093524abafcf73f7d10f3bbe8cf573f3ea87803f672ae7fd293a116e7c24aeb0ef9fb24b9ea32e48200a56243187d5b550407631184","ssdeep":"","tlshash":"a911cce0aa6c599781c2095034894b02b13cb020203d9fd0bf75f0ce7c7c7ec96d262a","size":1000,"data":"","first_seen":"2025-12-20T20:03:49.143914Z","last_seen":"2026-04-22T12:49:03.901917Z","times_seen":1499,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"eda6d47c87537b11c37048cf02454ba4","sha1":"bdc7d8e78672ebb099d0606e5a39df4388063c4e","sha256":"eca2d1570ee9391fb324fe1f837f5bd231ae9e0d30e1af57908050d7bb10df0c","sha512":"ea908c39ca3910885694c0805e06a5fe1ae66dd114bdf7eab51c0fd97adc47873ca17da5aa13499e2e2bf616c0bf2051a0ceb07c588fcb773c2b0307cb79cd93","ssdeep":"768:3KYFmYGRvy6AEhc+YQIcjcVcxcdgc7ODeV8dcNS7o2t:6gZG9yfzQIcn9x","tlshash":"102373e4a65bd4e89e8210ded037f801e4681967cebdf293a92cddc1742df22854b17b","size":46541,"data":"","first_seen":"2026-04-20T10:42:31.461496Z","last_seen":"2026-04-20T11:09:22.743084Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f5b767c078c6813816231552aca1d562","sha1":"34f99579b527c24b3a5af82abb42079a0d3e1a51","sha256":"c17d50bae5a02a35e0ae5d0005c694495952f093629bb5193c668070161b0f7a","sha512":"7b4aed1d33c4891894a556505047a8f7afd72efc1c30c064b5a428fac50a5475e895f3937869de6d047128910d762069084c41d12fbacecffd43cd98e84b2e48","ssdeep":"","tlshash":"70c0125d7010696614ce687d4ccf088ebe368812a20809c999dcd4547bb1e6c42e484c","size":185,"data":"","first_seen":"2024-04-08T19:47:46Z","last_seen":"2026-04-21T10:36:35.139675Z","times_seen":620,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/somecfpreload/cf.js","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7e46ea9e1e0d3117cc1387ee29701f90","sha1":"7185ee7797be313ab40206f70b64f85168242431","sha256":"84b860b1fb3e6fe09a4f51a1218fc83c367ae6a6c813978c2e1d16501868bf33","sha512":"5f9295d5ac9cc7ec95a4eb7e83e8a036a41b9b3381e830eb2c24b3686bdb80c3302a44739a34763e6f38f95d2680dbebb3e7974d7f037726c8bd63ea96f24b3b","ssdeep":"192:Pp+uX0MjffLucei2z/3LP4tReNDHKPpXw4tRSI5iBuH5d6h4WJay8TvLm+d5rpA9:UlI3LmiAjQRgINJehxJay8TvLm+bpAtD","tlshash":"60729326329011395977d37b83a35759fc349023a20386687adda7890ff18588af3fde","size":16683,"data":"","first_seen":"2026-02-07T00:42:13.170615Z","last_seen":"2026-04-21T03:05:21.491592Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8b1420d3010e9eb4a22f9e2e0922434f","sha1":"6630e5ac52af16f110d6313a430ad3fc0838c080","sha256":"2211a05bca128bed00c60894cc71ddc8e37a9fff1f704c200edd2580986895d0","sha512":"6e045476f97ce37aba62726cdadf03145be6b7dc36a273403a092fd8d5eec2413d244be6c7d8a45b7dbc59cb322549969c6558c4252e3415131bcc22645e5aa1","ssdeep":"","tlshash":"9bd0a7f591a204b9243a81164e8bd0152a82b92bdd04f9f87cdc40845f9d05c80ad2b2","size":255,"data":"","first_seen":"2026-04-20T10:51:23.448198Z","last_seen":"2026-04-21T03:05:21.501736Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"895f526ab37305311d1e998fa4d5a6e8","sha1":"06d0220830c81bf254c70552e908371c6dc1f18f","sha256":"90916b8b1fb2fbbd765a22eba866c30d8829f59aa2d7ee86869abd20207b2117","sha512":"6b087d2e2025f4d11073254448b124af8839ce24ff37eb45bf2fd1a2b66bee8fd4fdca2b4d23c08786d217dd71dbc660d1054b7876b37752dee3baaefdaeaa4e","ssdeep":"","tlshash":"2871bc3beb00173bdc8fa9fdced5b4c02e62497262496960691ce102a16cd7487bed88","size":3743,"data":"","first_seen":"2025-08-14T22:47:51.287187Z","last_seen":"2026-04-21T10:36:35.14313Z","times_seen":1252,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"3433c9d3e9b7e8e5b34ed72e309db572","sha1":"d53d7df082088749c1df6b08330ee9b9e4076932","sha256":"1d96fa9904e3743570bccd5be90e83fd91975299f374093cc6f723673d582dd1","sha512":"ffd0e047331871f21738643968b7eb7fa045ee0e45346a9ea986c4b8a3e745dd310542c6b2734f6d244408bba6548ec66f5cd7662c69485b5e59e3b9432cdff2","ssdeep":"","tlshash":"06f04245bd825a24d35670ddc41f978cc53690dd91491c4cbb64ece1de94c2cdfc6534","size":585,"data":"","first_seen":"2025-08-01T04:16:24.219641Z","last_seen":"2026-04-22T12:49:03.900962Z","times_seen":2842,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2380d391cf784bce2f77e0e16fa2268b","sha1":"2b88cb08e3d7f56772d46fe1a10d84774e8728d5","sha256":"e65fcff70fe965f3d1878fe515a7ebcd265dfe61b15461521450c882e8d081d7","sha512":"0f3264af3a045928be20d2ee1ef3af905571d07e3fc25eaeda22199baca89b8c9bff94d90d81124ff45b16c5e40df291c2f49d9464ba901d2d961f6fd1196f1f","ssdeep":"","tlshash":"e6411b1e00aa0aa31ba3054333ce846d0956c2cedcc73534d3b27f8134c67832a93bea","size":2254,"data":"","first_seen":"2025-08-01T04:17:54.882582Z","last_seen":"2026-04-22T12:49:03.914996Z","times_seen":2678,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f278e1582a6b32d6a9a05328bba73b0f","sha1":"02780b645a044990e49787663d3dba06626b1e3d","sha256":"07317dc90130ec69ed8e07a8362168074f9067473354101f361449cff37110aa","sha512":"08463b63ba1654bf203117d8f0c0a2ce4b5d92914ffba7c8ac3d942ff1a812c86cc61d9e840e5f3422c2b22d1b71b1a06b9a6d40d4e4259b32fd8cd40cc8357f","ssdeep":"","tlshash":"55319948a43216904242e8f1c676abeeabe774080574446d349cbec7eff8447e521678","size":1529,"data":"","first_seen":"2025-08-01T04:16:24.221852Z","last_seen":"2026-04-22T12:49:03.916088Z","times_seen":2805,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0e1ee9f442371606d9a13b41a0dbeaff","sha1":"a05c25c8ad9127fe7d45319ce13e8b4a485d2e01","sha256":"713285cbc0cb910dfd2e7a86c604d191a27789ae50964ab1c674507ff4a20c45","sha512":"1dbac9fa1e0b338e780a3600f1a3da140a6c83a961a1d0c6c80fe3dc5a9041c346c471d264a07ccc87457cdccc2a28b768d02283512ba9cee0fc2e2b7124e42d","ssdeep":"","tlshash":"0221fedeb2826488526794d742cd8dceb8e617a919008c20452ef299225c3e8fb6ad54","size":1177,"data":"","first_seen":"2025-08-01T04:16:24.218288Z","last_seen":"2026-04-22T12:49:03.905262Z","times_seen":2732,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1e21743cd2ee2004cd56bfc5c29e3609","sha1":"bf516634ffbcfd3186b71dafc0ecdcc47894c439","sha256":"0e428980439e794b176e0ee3cd84e4878510b1d52c1efc1c00f4af9729a17029","sha512":"4264e5ce5b4f3acb24046582388132a5915398c9266c18c6349d75fb94bd74bac990dc6ebd12e1e118a3a24752a3e4badae2faabd69b9827d1f223a0750da4c2","ssdeep":"48:atoyTqSsM+c69M+c69M+c69M+c60778KK7NaaM//M+A:atlDNDNDNDl778KKw//M+A","tlshash":"25913f32165427da63ce8fd45a85751d01d2c89a383e60bdff3279eded3a683c031612","size":4506,"data":"","first_seen":"2025-08-01T04:16:24.215618Z","last_seen":"2026-04-22T12:49:03.898958Z","times_seen":2778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"bdc082df1108390607eb8c85722ba845","sha1":"92ae5d0770d417d86dad565c7dc6341e4dff1fb4","sha256":"8ffdf318406479b4f1e4bd3b32579e4118bb18a1bece2050b5e948da10bf3991","sha512":"42f35d59f5444ca1ea4796a312c0156e7900a6cade8d1be8e9627bfa8ac23d48235bf13f7abe1fc03fb6a8846e43aca47eeb7108f3393167886b37ab1fcd66f9","ssdeep":"192:6c2rrKHsilXB4pBeCArXv+BQbbcDkvpr8JtaCtXv+DkWpR5taaRpt0ro4sMGZA99:v2rrCXBS3kZbekvYX8kWf4UD9WiY9","tlshash":"296283e8ede72132653332bc879f7055a5a998530a48c9467c0cf3950fe4b9856bceec","size":15176,"data":"","first_seen":"2026-04-20T10:51:23.454636Z","last_seen":"2026-04-21T03:05:21.503451Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aebba688f8279667ee3afc08011616d5","sha1":"6498f58f374d4eb8f175ccc9f478a70e7aa37939","sha256":"9bd36f5885c81f9a8c45e60f63a3f3a9e84d1fe3083475258b1dcfd21ad80a98","sha512":"e47d91243d62da0b7789358f09480d79341d5f2f7a52843a670223e5bcf9cbe79fa8c2a1f5094276a74b2916a7c10a3522a71cb8e21a57fffb38e16943f5a04a","ssdeep":"49152:67OwPEZJs5u+KwW2QUSvhjG+EyY4bfO3xrQanJfCpszVt4t:5","tlshash":"8cf533526c1368b68f88936570e76d0b15980d53989de0cfe764f9c1383dfa2c1eb92e","size":3437826,"data":"","first_seen":"2026-04-20T10:51:23.464454Z","last_seen":"2026-04-20T10:51:23.464454Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"dee771714ee7064a58a2f324523c036d","sha1":"5d502964e6f42e54d3a85a26e39aebf0fb7a366a","sha256":"5639ffcaf1f2f0c97effa8265d81b54b34bce0ab0aeaa24eb384a9a68f2a4a50","sha512":"37426947c3851d35f36e6afb32c8a214ec1cbb8713479fbc010bb51b842a68999140981e5d47684116c2a47cfe18addc5c330545796c50154ee3693942b84eac","ssdeep":"","tlshash":"c9e0c22da5b672fe28b7b538039bba042523044f900cc9257dbd4a410f88b2c15a8a8a","size":363,"data":"","first_seen":"2026-03-24T01:48:01.022288Z","last_seen":"2026-04-21T03:05:21.506025Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"59a13eef9e5e0ec7844e58e8b47d54a0","sha1":"0fb2b2059a878b87f8524284d448dd46a4351953","sha256":"c890c150b008d069bfddb86ee2c2e3fe979515939053b4c53fd6853b68e4fe35","sha512":"7fcdb614d30b1141e9a1e134a98e2888007f786f866c24e6383106d3e003f094e72901aa295e7d3450fccf5a249b25b436401a5b9439205da6b0eec8d72cfc80","ssdeep":"","tlshash":"33f0beaf336126ca23ae6ad20796c01d1e72e4ab3002163c575a36ca0cb6f52521b07e","size":494,"data":"","first_seen":"2025-08-01T04:17:54.874483Z","last_seen":"2026-04-22T12:49:03.889408Z","times_seen":2648,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"app-ondofinacne.help/assets/js/app.bundle.js?m=2961137","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /assets/js/app.bundle.js?m=2961137 HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://app-ondofinacne.help/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:48 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 3600\r\ncache-control: public, max-age=14400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7OiW%2FSI4k%2FPN7O9yLgZZZ0m8UHih3ZPvd0EgwjBChHl3PVyoqb%2FGemybH1OaiZtb6tRZx1g%2BrPBNxIfjnoTwoCPXZalWM1JKotSpI2GpBBWYmqlpmyE6iE6Pa3I4gww0ttS4MPH29g%3D%3D\"}]}\r\nlast-modified: Mon, 20 Apr 2026 10:50:48 GMT\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9ef397170c724e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3440268,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"ba2badea8a8eddb91c42f10626874c75","sha1":"e08a34eac258be3526ccfb0d3aa059e21450b2da","sha256":"b4827c5e6fdb7a41acd7e77ecb5ecc2175dc48fe7965330683b2136fe8fef16a","sha512":"2171799111b6cda054cc09f93770ef391ba962bb70063c649099430e27dba05d176416b206ac3b8a1121b75492ceb4e7cf347fbc5d326a11d7f8331dabc81b24","ssdeep":"24576:TV8/8Yae0PgGswPpBroS7InwbjtsJshJuEbdnhuTH7:T7OwPEZJs5c","tlshash":"512533316d67ed994f8cfba9747b3e032a415b8384cd68dbb931e9c00458376429fa4e","first_seen":"2026-04-20T10:51:23.399489Z","last_seen":"2026-04-20T10:51:23.399489Z","times_seen":1,"resource_available":false,"data":null}},"time_used":372,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":131,"receive":241,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/8cc4ca7238341e88.css","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:47.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/8cc4ca7238341e88.css HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:47 GMT\r\ncontent-type: text/css;charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7hNlJRgj9uKVDHbQV05e%2B4KAif0ycCYKltUm4Kbop%2FqQ%2BeC2TB8o9%2F5v6LBx9DBc469iNBFiDPW4ocpGt%2BG9cMhXjaP9mWXo1%2FV%2FGMOzTKiKlvjUUhP0RBJj7Qq%2F1gewQ19cRnsi7g%3D%3D\"}]}\r\nlast-modified: Mon, 20 Apr 2026 10:50:47 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9ef3970f5ad34e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2391,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (2391), with no line terminators","md5":"63fe4a7cc486f4541681c46c6c72a6ea","sha1":"900356fac22a216652c769da20f6a1e5ce1cdf03","sha256":"00082fbe6ef3c3c17b584a20c5de0345927a21d51635803e8c27dab483d90d64","sha512":"89684c208f23897d9ea35011db7be6c4e5e6b2d2785ae66dcf271824eab7b33fa065673bf89683a855e167ca7868246cbe7c4fcac929420de5b8fe0c8a96b980","ssdeep":"","tlshash":"fa417924401ed071a5f28e93358efb22255ea95189fa0972f167095c8cd7abf63e0f78","first_seen":"2026-04-20T10:51:23.400919Z","last_seen":"2026-04-21T03:05:21.490626Z","times_seen":3,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/somecfpreload/cf.js","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:47.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /somecfpreload/cf.js HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:47 GMT\r\ncontent-type: application/javascript\r\npriority: u=2,i=?0\r\nlast-modified: Sun, 25 Jan 2026 18:11:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69765cd2-412b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PclSHb1%2FKMXsrseAt9SIy9cQt6wIs%2B6mp4k6ZHUreBER13bYQBcJCN2nkxwY%2BM3N%2F6C3nr6XLDra4XZGOa9Ezv0nhwevKrrW20bMi5eeegoSt2JMQt1P9OqXIMHuhs2youuAD37ZJg%3D%3D\"}]}\r\ncf-ray: 9ef3970f5ad54e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16683,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (598), with CRLF line terminators","md5":"7e46ea9e1e0d3117cc1387ee29701f90","sha1":"7185ee7797be313ab40206f70b64f85168242431","sha256":"84b860b1fb3e6fe09a4f51a1218fc83c367ae6a6c813978c2e1d16501868bf33","sha512":"5f9295d5ac9cc7ec95a4eb7e83e8a036a41b9b3381e830eb2c24b3686bdb80c3302a44739a34763e6f38f95d2680dbebb3e7974d7f037726c8bd63ea96f24b3b","ssdeep":"192:Pp+uX0MjffLucei2z/3LP4tReNDHKPpXw4tRSI5iBuH5d6h4WJay8TvLm+d5rpA9:UlI3LmiAjQRgINJehxJay8TvLm+bpAtD","tlshash":"60729326329011395977d37b83a35759fc349023a20386687adda7890ff18588af3fde","first_seen":"2026-02-07T00:42:13.170615Z","last_seen":"2026-04-21T03:05:21.491592Z","times_seen":28,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/favicon.ico","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/favicon.ico HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:48 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Sn81gPeopyBS0eX2XRPVU8s5PmkL0mgpKHOTGx62c0l%2Fva0lz0wBzC905lQkycVV8foiJCNx0UjVehxO4V1kVGih8rnfTUw%2B0IBloos4at757rgiA%2F%2BFJY383fcx2dK8OMc6YifvlQ%3D%3D\"}]}\r\nlast-modified: Mon, 20 Apr 2026 10:50:48 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9ef39715abfd4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12007,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"055daa8924aedb430a5313283bcd28ee","sha1":"1fad23a11533b8408345267e9c34aac620153a1e","sha256":"700ab482214cac6ca7eddd4d74256860604ceabe4bedefd0324e44fd3b1576a6","sha512":"6eb664485d9befc1fa2a683a9f62fd088d29ba1803ba9cfdeee24a11ca79e05019a2555d45be6638ee70f082c43a5daa0dc9942f0ae3e9fbdefe27c2e7b907d3","ssdeep":"192:IRtVZVuKrC+g4lSBdzDowU+92mfbX2mlsTpUfn+TRaluaaOsEs/w9TM:IRtV75gpB9Do69ZmmuCneRLaa9Es/KTM","tlshash":"b642c0dc1310b2ab1f4d6575985e1bc28671690d0c6f4f8fde79cc0fea7e1841849b58","first_seen":"2025-08-14T22:56:29.206535Z","last_seen":"2026-04-21T03:05:21.480281Z","times_seen":144,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/nbison_160x160.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/nbison_160x160.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:48 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 20 Apr 2026 10:50:48 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rHSkN05sX9lHZJGfeRi6HbkxZO0mF20wQDKxVzJXW42pN8Fs6IuD0rCth9ZbTnbFKnUbRKoJarMiy6WhL%2BmYx5in%2F0F26bdxZg14%2BBpkFQbyn0R4BWnCdVb211AF4GLk0gKTqJAecA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef39715ec1d4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2046,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"325b02c740b65e29fc7c7e4c9df087a0","sha1":"53cbd4c905a026427679b97a5f8fd227ecc19b29","sha256":"4cd7b90629dc986fe5b9ad27d8fae8d2579f8e309295888507397985048a5208","sha512":"eda52e92ad2bdc8cb978735be079d6d3d5b2a58d302f52271e8b1a6ff314eb663e825a07a247ba99a9e76c0b2619ee48328ce6372e48268181b5fdea467474a4","ssdeep":"","tlshash":"b4412afa01dbadfec69c2c6534ed58672abe4dc6c19386f70c66326e74d81014939095","first_seen":"2026-04-20T10:51:23.40635Z","last_seen":"2026-04-21T03:05:21.468969Z","times_seen":3,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":331,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/intcon_160x160-1.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/intcon_160x160-1.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:48 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 20 Apr 2026 10:50:48 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BGtTARFNqQGI7tpezc2syOmYpXYhtKEi1WWeMvEo0PItcgAGSCnVXfSggfvurhITwhKRLpBaN5MRMAVWIUJVp5cYAm1%2FTXnYAYFU0SaCW4rz4jiDJ4cDbcmMMRnyJPGRReoHpZAX0Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef39715fc1e4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2259,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"68e32b1a6d5ff25704ea5947c92b7554","sha1":"0077c1b7efd501112404e04544d199d7a66febd9","sha256":"132d08c8cee0c810b8349e96ebd3c1a937ae36dfa95172e5f527b243296cb811","sha512":"ef4105dfd99a3af3edef6b47436159c5d7be1cadbade463c660ec186434b2cf8f921fbf37f6891ada5d4d4de50c22df6ffc9df9296b7a88e7088675a4a36c4e9","ssdeep":"","tlshash":"46411980b4b85554a886ddfd12c1a8ac2bf27b3498d0b1cf2a964ea71040f2c488a963","first_seen":"2026-04-20T10:51:23.408015Z","last_seen":"2026-04-21T03:05:21.477814Z","times_seen":3,"resource_available":false,"data":null}},"time_used":328,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":326,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/wdcon_160x160.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/wdcon_160x160.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:48 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 20 Apr 2026 10:50:48 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8NKpUjNLa47Yjw1%2BN%2F3vKyMhhYStcIr8l6gsTiceCqejFPFzvlmlKwU7fZy9oBuUQNjPmCGbMnSrEjYgzDFPw3L0NGMLO3a1VnO8vDcYt1XCwAw4UQk7rYbUdhSRm%2FRepJchQ8obWw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef39715fc244e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1864,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"3dac0d9f1ec4e47cdd83a66109ee2e2a","sha1":"66db6280fcd1a2d42c1e366e60db742d09fe0e2b","sha256":"c8698de1c5743687bd00ff4a2f2b09447efa94b40c062ab99a7ec1a5ec6ec32f","sha512":"25fea4f2dba085be65c0ef9988052438b90204bed3a546d2a892c6b21bb81e2492cb73b465e1d41b3ad6b2e1ffd49cd5bebd5547c162682c2f1b593568025e3d","ssdeep":"","tlshash":"c831d5eca3e28cb19a098b200cd45092fe675df53ca1dbc9180b7e16603a6e45aa7159","first_seen":"2026-04-20T10:51:23.409285Z","last_seen":"2026-04-21T03:05:21.470497Z","times_seen":3,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/tqqqon_160x160.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/tqqqon_160x160.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:48 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 20 Apr 2026 10:50:48 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O5acj41xb1nCKiQMa0niQ75glbN%2FhmojvDnaZao5mEv1e2o0xk3KKd3CP%2FIZkJs2UzR%2F22OPurCasZ8o2%2FlI%2B1y3Be1%2BknutvDFKVKfj1LQsVxVYqF%2BziwZDK5rzQUKt%2B07hzxOLRg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef39715fc274e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2416,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"242356e41367f403c0c6c0fc15a0401d","sha1":"75d3c7b3c723cc2d72a140aa362823452ca81529","sha256":"d771ed35e6e8de65ed76c0a03a0f8aecfc492a772fa41111c9f8cb0d86d8831e","sha512":"7f4f01a6eaafa7924ace757d66df869258dddbf9ed356cc85915264e98e2550044ab17d7f99ef42ee371cb4faa5eed5083e672d477a74e19725b964bbb7367dc","ssdeep":"","tlshash":"31411b8fb3ec58fc41f40af789a95577468a1259a3a36b9b0344c53c8c8590b35d8d89","first_seen":"2026-04-20T10:51:23.410348Z","last_seen":"2026-04-21T03:05:21.495611Z","times_seen":3,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/crwvon_160x160.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/crwvon_160x160.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:49 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 20 Apr 2026 10:50:49 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Oq%2ByqyL%2BP8nsusm6F4ve5CJ1d3fofVBghNUoFI4g%2Bh7YHGwr7O4A7J8UikiklBHSq0kqf%2BR7QHQX3t92Ip36zktJgyzVQQYniVtztZdXyXRAS6AsubIwel15md5aRjyHe3zSpa26fg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef397160c2f4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1901,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"1cede042922be644d3f9d0b4f08be95f","sha1":"23d3ec3886e864102ee32325052f49c5899f85d9","sha256":"8ad6b76317788f4d3f643fda2563c6da32003ae8fa8917b3bc7b77ad685e721a","sha512":"45012abdbfc936bf3205c2102d8ea4ae5737f165ce7f20341487d292beec223d8b759b12cf01f2b6ac7d1ea79b7c11d0c8309c90262a6fd21f69932260bb4364","ssdeep":"","tlshash":"17410bef3525b80d35324bb050291cf3d7de3ab519ab6a33c73534769c470194b99157","first_seen":"2026-04-20T10:51:23.411581Z","last_seen":"2026-04-21T03:05:21.497448Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-20T10:50:47.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 20 Apr 2026 10:50:47 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nset-cookie: flow=13891; expires=Mon, 20-Apr-2026 11:46:47 GMT; Max-Age=3360; path=/\npechenka=f41c67441a5803a2d77267c608a3c64d; path=/\nflow=13891; expires=Wed, 20-May-2026 10:50:47 GMT; Max-Age=2592000; path=/\nflow=13891; expires=Mon, 20-Apr-2026 11:46:47 GMT; Max-Age=3360; path=/\nchannel_id=881; path=/\nextspecck_v9u382hIMpq0MS2palcm=0; expires=Sun, 14-Feb-2027 10:50:47 GMT; Max-Age=25920000; path=/\nextspecck_9cj328JSmqOote92K3av=30766463; expires=Sun, 14-Feb-2027 10:50:47 GMT; Max-Age=25920000; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mFRRiFqQeX8jsbowuoETmbwtiqZGgce7jRZBCAB3sja5OQGLDWpC%2B%2BVpKu6BCx%2FHQtXNSWrL5Ytg37%2Fj7hJ5jcSJq7h5V41CdrzHRKEqzZDWuZPzcHZfbHFhJxgnYycVPjtDrHB%2FYw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ef3970d48225687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1378264,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (21456)","md5":"50af095588e37ae0c3172193c06c6ebc","sha1":"cb68caeb8644e9815a4c37f140cd5540591f2310","sha256":"af350c0c72015e436c0c8928088492b4656ef029a1c140acd5ace8c8f5b276b7","sha512":"fbc1f7204cdfb5aedd9ed954f2ccaaed730c497421357ce89e345d435a8b00c9680594dc9ad7d13e9464399b52999095388472ebad2bc393fb4ca1d5c0649414","ssdeep":"6144:G9CTCeZAW5huttpOzKh08G5CyhsiLoll5SGBvVO/D/7aFBIovdsnmk:jCeTzovCnmk","tlshash":"c92571ac22f00436b117c69b9a70524e1799e183ca0b929e77dd27d75f87ec6cc1728d","first_seen":"2026-04-20T10:51:23.412528Z","last_seen":"2026-04-20T10:51:23.412528Z","times_seen":1,"resource_available":true,"data":null}},"time_used":369,"timings":{"blocked":88,"dns":69,"connect":1,"send":0,"wait":192,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/assets/js/app.bundle.js?v=1","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:47.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /assets/js/app.bundle.js?v=1 HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:47 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-methods: *\r\naccess-control-max-age: 3600\r\ncache-control: public, max-age=14400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gCL6iRJlla1Jd32if09tfCiqOrDNqgxEYVjifmvRei8nsPI6ka3ViUdXqpgxMdfxwmIox0zQoruaycsQek%2BL3Daj78bwTkIpJT4adCt%2FEw3%2FB4YvGRK3TQs%2BRGfMxuK9T%2FOeou9scw%3D%3D\"}]}\r\nlast-modified: Mon, 20 Apr 2026 10:50:47 GMT\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9ef3970f6ad64e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":236019,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48496), with no line terminators","md5":"385d68ca1b869acffa896acfab881f35","sha1":"fe0d2aabba470d7678a71d35ce67ffa9d00a07ba","sha256":"ae573c78ab32fabfc809e34b74f912d4e9fa2305846b452dcac6d74ca28fce74","sha512":"e871b7b4bfe50a4d0b6c0c03ced66a4f166adf61091c981b795ef1881c3d78f16f1770426c03bd6511c362b47ba7777046b0c55d7358111b8d31d6d058ec9b03","ssdeep":"1536:aRqeyju0oaCBgioHQIv7C/BGN1N5HhkexlS+w5f82dELwG0Y9:aRlyS0BTHQo7Q2tHhkexl8I","tlshash":"ae343d59eb73b39c8a48369e80a2f445d7c48d21c95c6497de0accc3652afad41c72bf","first_seen":"2026-04-20T10:51:23.413433Z","last_seen":"2026-04-20T10:51:23.413433Z","times_seen":1,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":101,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/api.php?symbols=INTC,NVDA,PLTR,TQQQ,PLUG,NIO,AMZN,CRWV,TSLA,SNAP,SPY,GRAB,MARA,SQQQ,WULF,HYG,USO,SOFI,MU,NOW,T,EWZ,QQQ,ONDS,AAL,APLD,EEM,BMNR,NFLX,IBIT,MRVL,F,BAC,CIFR,OPEN,PBR,ORCL,MSFT,VZ,ETHA,SMCI,AAPL,IREN,SLV,AMD,PFE,AMC,IWM,HOOD,XOM","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/api.php?symbols=INTC,NVDA,PLTR,TQQQ,PLUG,NIO,AMZN,CRWV,TSLA,SNAP,SPY,GRAB,MARA,SQQQ,WULF,HYG,USO,SOFI,MU,NOW,T,EWZ,QQQ,ONDS,AAL,APLD,EEM,BMNR,NFLX,IBIT,MRVL,F,BAC,CIFR,OPEN,PBR,ORCL,MSFT,VZ,ETHA,SMCI,AAPL,IREN,SLV,AMD,PFE,AMC,IWM,HOOD,XOM HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://app-ondofinacne.help/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:49 GMT\r\ncontent-type: application/json\r\ncache-control: public, max-age=60\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GS6va4jK%2F5vDyVY8C7h9LJ1eFqaD%2F%2F6mMt3hBo%2BrEuibj9eBbkKl7FdCpiL9S4u1LnnNbj3xePLY8N6aUA7mEzqCcudQ0o2MPVvsoqLtnpm46t4WKMYS7CyYzCXFoXfGXf8QUZgmBA%3D%3D\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9ef39715cc0c4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":116820,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"95763954e8ff47b31210ebc4ce55d5ac","sha1":"dac99e1d12cf4a9294143a0451e8df32a27948e0","sha256":"8f09a7f0bd53f6fa46c61649d47371cae87929a83bda26c27b0b7eee4b11eac6","sha512":"bb36fe2ed03cc0c180add3ba51346c5ef01be7872e9fbe5ef85b670ad82501c2c54c27ad3125d5ae4d03e952bff304e101efde08d6f240574891f9ad11c78ecc","ssdeep":"3072:SuxOecVSRO5xjsGxBzmgUVzkf2hEHiCpSt/c:Su0WRO/jNvmgUZkfziCpV","tlshash":"84b3965d0f7c4ef959a616423d6a2f04167c53eb91c8c60bc37eeda8a2c250f221ed5b","first_seen":"2026-04-20T10:51:23.414632Z","last_seen":"2026-04-20T10:51:23.414632Z","times_seen":1,"resource_available":false,"data":null}},"time_used":504,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":435,"receive":69,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/sndkon_160x160.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/sndkon_160x160.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:48 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 20 Apr 2026 10:50:48 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KWXoyaW6KVioaQpaX0NZG%2FwgiQpHAbCBnI9Ct84bN5rOBvYGKPGiGkfLtToJ20aeX95XwIbW0wpt87degL74HQqEKOeMYCqmYnVumlEFcPDjXVG2eLc5%2FbQERhhCWydsfkDczP486Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef39715ec194e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1916,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"6c74a884b45d87d782454a7481737ce5","sha1":"3364aea7d72f5c43780688560af56e263b30d5df","sha256":"abf578a88df74b8bfcea889503a18e3c7317e89d68261a834fbdd0e478ccf15b","sha512":"e4acd4d867b8dd0927590e454120ad16a97791e99b710273e0d1b7b515a3e3fb3f6177cafdb2e597c22b36f29e0b61664727c78b3977f48d7febb016cc8d1b08","ssdeep":"","tlshash":"bb41ead53b7519cc6bf80b7fbce17a4154315bc55187bdc88017e8c268a21a4456b19d","first_seen":"2026-04-20T10:51:23.415619Z","last_seen":"2026-04-21T03:05:21.476972Z","times_seen":3,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":326,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/wmon_160x160-1.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/wmon_160x160-1.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:48 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 20 Apr 2026 10:50:48 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3BGbZcUmZs6T6hj1M4J56MmvHBKd7f%2BelTC9E3tJqaoN9dobCtrxIXxlDQ%2BE%2BPl5AMhOcxxTCEWmsa6cnMjBYORDVuljeyXqIPomwxN9a6LGQRsWzxDt89qf8F%2BP2FOZobFENilJXg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef39715fc224e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1875,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"1f616acb8ff13871d024fb3e8af83e73","sha1":"cfc880e92eed5213176a6c69f387f5940474c5a9","sha256":"4cf410868388a7499010558b1e473a9b82bd874d6cf2bf6ea99e09df6dcf5599","sha512":"d0cb4156fbc39022a68efae6430c0312b7faa7c9445ca19a39dc2d34557edcb7fb38c5928eb3cb8167cdc7529e45ab9d6f6e9b5ee2d5f548f922b77d2f36feb7","ssdeep":"","tlshash":"2d31d9a5a9ea82f1ed38195163aa4a339323a311ebc725b470559ef316802c9431876f","first_seen":"2026-04-20T10:51:23.416584Z","last_seen":"2026-04-21T03:05:21.493245Z","times_seen":3,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/plugon_160x160.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/plugon_160x160.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:48 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 20 Apr 2026 10:50:48 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pLeOUm8xCgW2xIfujBgwZmi7Wjq7pSG4sEhsZMBCZD4rEot5UOW1uZZcQfIgy1hY4j9PnaqLqwO7aTBDodx9LL8%2BTGxRBuRXTjmUNxxZ3Kkdo0gZnW8MVJNUgDzdBK3x55dm8kjQTA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef397160c294e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2281,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"035bea1f20f3240883935408be759bed","sha1":"a11de51afecad0732aea71fe91975856d0fff0d6","sha256":"35a69e110d79c9c1566169dbc893c15ae998dcb24c458744fcb0b1ce96d4fd48","sha512":"a81940335e04dcfa59b85693075f7bd127331854e898a624be0892af29f0f7f66ea9979737b1f9daf90b8780d279a6d696c5ac679ffcea458e58c01b9244fa11","ssdeep":"","tlshash":"0e4108af0a979682d230d92126310a3fa9c527f05ec1b60f0465c4b12df6fe802f04ef","first_seen":"2026-04-20T10:51:23.41752Z","last_seen":"2026-04-21T03:05:21.471624Z","times_seen":3,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/nioon_160x160-1.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/nioon_160x160-1.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:49 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 20 Apr 2026 10:50:49 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bxwsfrqOszxTuh%2FmOR9%2Fn21XuHu79WPqbV64hXMdHMQfq3SrUJo8FMcfjqYNIs%2FxE1sQeGy3r1SEbWIAy%2F%2FQfl0K%2B3ATCKQVYZU3sr0mz2Z4xjdv60kq9ASYmuVbcubn%2BbeJ1o69wQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef397160c2a4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2113,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"d77e226836476b47eeff0243632051d1","sha1":"20407d93d731cc16292aba77432f3fc4ce6b1e69","sha256":"6ceeb28f4e894aee27de9890044a019d6c822a994f34cd720660dd17bef4916d","sha512":"42f7016133a50683bdbba22ac81cb4b1b545ce77d39457d4b10dd36919892a6e56c71b05273936bace90a3904d8f1d2e5decfa2c7bd7a9ffafbef26921ecbb7d","ssdeep":"","tlshash":"1b413acb3bdef8bf4311c9ad4823018abfde0d0c26468b4a08b00696c71f0645248ce3","first_seen":"2026-04-20T10:51:23.418498Z","last_seen":"2026-04-21T03:05:21.479468Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/tslaon_160x160.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.697Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/tslaon_160x160.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:49 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 20 Apr 2026 10:50:49 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eU2L46WDLem2T0Q8oZgE7cgAUq41gDLloYaqLMd3hd8ZQoc79d2U1oP3E8tLex%2FdYAIbqHWmtXq49gvSDIjWdBa9b8j7jXSSnU95r682aVkuSVjFJ21mXU6CIrRisEXCzMV7InXc7w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef397160c314e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2172,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"6e66457d2a9cdf181ac55d53894f36fa","sha1":"1c8872ed54af4348949b9599280e7dc069459d0a","sha256":"be669ab354948d91ef60711c1fc83cb55e800deabd73a6ee78aba50aaf03f6c8","sha512":"c7d7641ef9254c3e55476fc2b9c2b6856c5b64fc0bb024daa9f2ed6ac1bff4f9ae678c0eff322730216fa95c0c758ab3c5d91a4f7e134c645cfaf4483dabb225","ssdeep":"","tlshash":"a24109f2496206381533c87b256c82eef2b82867104687d71d117ba8a3221a875f10c6","first_seen":"2026-04-20T10:51:23.419409Z","last_seen":"2026-04-21T03:05:21.472742Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/styles.css","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:47.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/styles.css HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:47 GMT\r\ncontent-type: text/css;charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UHbauWcKzs36SGAc0j2hIApf%2BSLxgGwuCnuoasbzvdSqujC6Wo%2FLaYEivSNeArHB4uDgiSi%2B%2BWcsmhZmta3CEx2PJUFPTg50u%2F%2BsM51181fYOYwYFw19Ndmo6qfVz5YjPPA3EQPZLw%3D%3D\"}]}\r\nlast-modified: Mon, 20 Apr 2026 10:50:47 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9ef3970f5ad44e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72419,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text","md5":"7f31d9d82f5c4d740b09bd6d4d02cbe6","sha1":"b511ed76a45ad2fc77f072e9124f63b073d682fa","sha256":"43207090d714dc5a07b4b32c035d51132a46728ec3e6ab66e1579e62f50605e7","sha512":"8a9e63f4080020cab92d56e9be6be802043bf34292783b0ec701a63abbb5d2aeafabff692912e3993377ad13bc8859c0013e1c195a14b86c1d81c616f349e624","ssdeep":"768:wgMFfFI4hIbWRhDxeVTv4yXDrFu9klFcmDzFI3X1F+FuyleLxbc4uVc:AN3+rmkltDzgX16Ec4u2","tlshash":"d963fecf07a320657813f8485baa9a4a7361f11b9509ca3d3edd624ccf8e2d85da3359","first_seen":"2026-04-20T10:51:23.420587Z","last_seen":"2026-04-21T03:05:21.485064Z","times_seen":3,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/nvdaon_160x160-1.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/nvdaon_160x160-1.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:48 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 20 Apr 2026 10:50:48 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JbJR9P7xqeGOpWwxvQ5rWi7FDQNmYM1Y8r20ea15mOA8WCnCvGl5DWonLSxz2VECHgz8Y0B8GlFrnFzKVBcxNAtQHeao95O%2BfjhCRUXqbSlk6BF6FnsFyMN42I2Ul%2BAwZbT0fvFIDQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef39715fc1f4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2230,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"efa5bc835d99ccfec0b6a14d2eee91ab","sha1":"94eda4f90a68dd01782eebeafee3ad3551800115","sha256":"b296f60525600be45c2df8829b71425245e15169c9fa9f811128d3e48f9c12b1","sha512":"ed68c2995094bece8c36f99a03e3316827b125287379598a6b4c637999fd130867647d22983425cf47d4dabda65a95167c6d02320cba57bf51c7c3511100a738","ssdeep":"","tlshash":"854129771c490cbaafa696cd5128809923bd004d58318e17f8a379c74092d1f21bdf2f","first_seen":"2026-04-20T10:51:23.425153Z","last_seen":"2026-04-21T03:05:21.478654Z","times_seen":3,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/vrtxon_160x160-1.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/vrtxon_160x160-1.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:48 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 20 Apr 2026 10:50:48 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VHkvKyJt3wsmmgmZ1wtuY3RzgxB1xdhW%2F9Dhql3pu79lY6tabTbyqRhs1siNvTZUvyajJa%2FoVo0%2F9%2BR7q6ZEi1NE2UgC%2BNCi3LtByDgoJ4U6aoSeM3hjT003c8QAc%2B25r8Vzf5l8qQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef39715fc254e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1865,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"52dd5a0963b567bc9e7d9b548d370479","sha1":"46cc0373cee5335bcd098f5b8f8ee9ac068ffd65","sha256":"91426d45dd44304fdf6fce36e5b12d6559da5457c8c4a756436ee3a746eeaf6c","sha512":"0c6ec5384215d156f2cff154cab67dfae1dd5085dc40d4abe55784eea84bc3925f9c4fb7d307b1c5d8ee57610ca1a3836e5fb498d95c9fede90071e1ebd5eef4","ssdeep":"","tlshash":"22311b9e22d4185ac5b6083354e1a29ac5dc2c1968a2811c7bff3c35eebd6b0616e114","first_seen":"2026-04-20T10:51:23.426458Z","last_seen":"2026-04-21T03:05:21.473618Z","times_seen":3,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/amznon_160x160-1.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/amznon_160x160-1.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:49 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 20 Apr 2026 10:50:49 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iWp8Hjk%2BO%2FJjz2NWCN7frVMWZ2KsZwjtQzIkxtQMhefHzmJLmUDt%2FQIsuTEDXE1GRdcdQio5Rsn6j43BDv7GxiIeEzXrMIy0wVMa51YlflWnRJHyG954J2OwdU1c2YxPPazrN%2Ba%2F7A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef397160c2d4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2351,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"a02dbb176045630809c87e3f47d7bac7","sha1":"034b232062117acb9e2b7e93f929d3a8a049132c","sha256":"34c8db07a05a3461051071f5f3125724d18fc28ee1289098ce590fb5cd9700bf","sha512":"bca0f6246b74ca299be3193b9b95497fa0bbc21a30c0164b5239cd1174c16208593d5cf8f24f4b4e8ea02d45c31b34f1498106bee24abc1e089d1f4945ac21f8","ssdeep":"","tlshash":"44413bef55bcdcd8c9651453972a22e7f285d38f1d28770f142172658e6162404f5fb3","first_seen":"2026-04-20T10:51:23.427652Z","last_seen":"2026-04-21T03:05:21.496577Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/somecfpreload/cloud.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /somecfpreload/cloud.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:48 GMT\r\ncontent-type: image/png\r\ncontent-length: 12201\r\nlast-modified: Mon, 01 Dec 2025 15:30:05 GMT\r\netag: \"692db47d-2fa9\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4uR9EM7ej5cttaiHQAAwDxykxNQynCLDwrscMPX0g%2FkvSCDyjK%2BMuK3a5%2Bw2yYM1j4WDAshphUmIib%2FEHETW1Ui8%2BvFJZKvsBZdM%2FDCjKlcepyxdWaiD0mXQk6pYUZQhNatwkMuQcw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9ef39716ec694e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12201,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 224 x 85, 8-bit/color RGBA, non-interlaced","md5":"f1af47463890045ce01ba2afd81dfb28","sha1":"b540c1a3d9c7150702f9492c8932606827b6ef4d","sha256":"589a5336ad44ee6ef987751b4170c4824b2cb5456fb2d679658b99bdc897a0c0","sha512":"5db3d8e2ff19c5a1cea127aa31be60b7139978a6e95b815ac4b461f58fd196f39903df81d7421c16cbf0bbb92f2cd8024183a7a2813d13e9946b46d1a8fdc082","ssdeep":"192:maw1TeS0mXEq3VhsPxhZLQPMQICpL86bT8pwLAqEeBujhjaqYGPUGUVO:q1zNzSP5L09PtZv8grdu+rYU1VO","tlshash":"6242bfc230712928c8edbf670eb843394ad313e60186e77a265a75b79b94b502f984d5","first_seen":"2026-01-09T23:39:20.659244Z","last_seen":"2026-04-21T03:05:21.494441Z","times_seen":38,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/api.php?symbols=NKE,GOOGL,ACHR,FXI,BBAI,DNN,RGTI,CRM,AVGO,BTG,NBIS,KWEB,EWY,META,TLT,RIOT,SGOV,QBTS,CSCO,PCG,RKLB,SNDK,LUNR,RIVN,UBER,IONQ,FIG,OXY,SNOW,EFA,CRCL,HIMS,MSTR,INDA,SOUN,KO,WMT,PINS,RDW,PYPL,FCX,CMG,PDBC,CVX,UNG,CPNG,NVO,IEF,COIN,PANW","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:49.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/api.php?symbols=NKE,GOOGL,ACHR,FXI,BBAI,DNN,RGTI,CRM,AVGO,BTG,NBIS,KWEB,EWY,META,TLT,RIOT,SGOV,QBTS,CSCO,PCG,RKLB,SNDK,LUNR,RIVN,UBER,IONQ,FIG,OXY,SNOW,EFA,CRCL,HIMS,MSTR,INDA,SOUN,KO,WMT,PINS,RDW,PYPL,FCX,CMG,PDBC,CVX,UNG,CPNG,NVO,IEF,COIN,PANW HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://app-ondofinacne.help/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:49 GMT\r\ncontent-type: application/json\r\ncache-control: public, max-age=60\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xLCUh3bLYvNUwUrdhCv%2F2VbJZLhpEN5znKlUE4ph%2Fafl59GcwgOsbF%2BAayA0%2FkT%2FWF3Iw9ypNuLdhPXWqhdRNJ%2FeSqKx7gE3rO7had7UviilTZrh%2FIYO4R0NYCFHBbCk67xjPb244w%3D%3D\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9ef3971a4d334e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":117685,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"63cb667a1c5ca6a9dbe997e06232ac74","sha1":"ecd29975ae560cb8cfbee55ad2bdf57947e6061d","sha256":"eb1452c37178754605005ec059c0997f7813f3ebf6a62af0352b8a533da46318","sha512":"b9a69fa2cf530e5f2192d3509e0232d110e2c767a0d9b2ae727f29c12cb9c690160dd402cba4ebb51a95c73ea11700fe25794ac681fda4777ca7a08ea4d44e29","ssdeep":"1536:uh25Mtg7LiFuXRufOhffV9DaYIgmcDzxBBHqlxzrMTGzwY4+hcVR7bm0H+HiYcv7:iyvfXR6sWLQzmhwqz1Sa2ezqX7xQVEf","tlshash":"efb3645d0f7c4df959a616523d6a2f04167c63eb91c8c60bc37eeda8a2c250f221ec5b","first_seen":"2026-04-20T10:51:23.429898Z","last_seen":"2026-04-20T10:51:23.429898Z","times_seen":1,"resource_available":false,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":417,"receive":84,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/api.php?symbols=SHOP,WFC,PSQ,BABA,LRCX,QCOM,ASTS,TSM,COP,IEFA,DIS,C,JD,MRK,BNO,AGG,IJH,IEMG,PDD,GLXY,INTU,EWJ,NEE,USFR,ANET,SBET,NEM,ADBE,PG,GLD,JPM,ENPH,APP,WDC,COHR,UEC,JNJ,ABT,SHY,OSCR,ACN,SOXX,OKLO,XYZ,TMUS,UNH,ON,SCHW,TXN,GE","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:50.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/api.php?symbols=SHOP,WFC,PSQ,BABA,LRCX,QCOM,ASTS,TSM,COP,IEFA,DIS,C,JD,MRK,BNO,AGG,IJH,IEMG,PDD,GLXY,INTU,EWJ,NEE,USFR,ANET,SBET,NEM,ADBE,PG,GLD,JPM,ENPH,APP,WDC,COHR,UEC,JNJ,ABT,SHY,OSCR,ACN,SOXX,OKLO,XYZ,TMUS,UNH,ON,SCHW,TXN,GE HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://app-ondofinacne.help/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:50 GMT\r\ncontent-type: application/json\r\ncache-control: public, max-age=60\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LwKVsqqRO7mXIso77Y5Jh0O17zm6eq1mwd63JylHgqtVOD2eE5qNCuJZElTJn6fRFefg9si4fyIDz7b63yaqrY1wOak4PHxcYLHOxdCwdkJeRZvaM0IUGVQt9Amw96DYBhTQH9yzig%3D%3D\"}]}\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9ef3971f4e004e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":117672,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"cb8122f989877bfcdd28eed52f82f557","sha1":"7f42968d20f8d0aeb8fbdeec52e30c037916de37","sha256":"ee01f0456949842863eacaa677f043c67b59d65b5888d9f8b0ba339d894eca08","sha512":"7f9f3d6d15099713cc14fd1b15d24303e5e7434ad8b08ee90dd8357d9d7f3762615a56f1fa4db5cfc0ce6607d05e11cdb1bd4841037e854974bd318e65126225","ssdeep":"1536:u2vzNKV9ebCYZSkO0vFi6E1p+jTD1XatmI1aDI7BxtZtPhoLmves868ryLydft4t:VkYKZUPAhd9dRlPm+ITHyoHORd","tlshash":"11b3855d0f7c5df959a616423d6a2f04167c63eb91c8c60bc37eeda8a2c250f221ec5b","first_seen":"2026-04-20T10:51:23.431045Z","last_seen":"2026-04-20T10:51:23.431045Z","times_seen":1,"resource_available":false,"data":null}},"time_used":416,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":346,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/favicon.ico","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/favicon.ico HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:48 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\nage: 0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wzBtJkwa7%2BxA2HwnF9E%2F%2BwiDDynx50uiZTS81hcfJqQAQiaYmVMlfgyQ7gSFtK5vpWzclG3ZFzofM0uuY3wtk7SXj3DDPTAC%2FtqHp7xgBUT9nKOsEqdYYn6fKmpYe7p5pfU4%2BgJDVQ%3D%3D\"}]}\r\nlast-modified: Mon, 20 Apr 2026 10:50:48 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9ef39715abfe4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12007,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"055daa8924aedb430a5313283bcd28ee","sha1":"1fad23a11533b8408345267e9c34aac620153a1e","sha256":"700ab482214cac6ca7eddd4d74256860604ceabe4bedefd0324e44fd3b1576a6","sha512":"6eb664485d9befc1fa2a683a9f62fd088d29ba1803ba9cfdeee24a11ca79e05019a2555d45be6638ee70f082c43a5daa0dc9942f0ae3e9fbdefe27c2e7b907d3","ssdeep":"192:IRtVZVuKrC+g4lSBdzDowU+92mfbX2mlsTpUfn+TRaluaaOsEs/w9TM:IRtV75gpB9Do69ZmmuCneRLaa9Es/KTM","tlshash":"b642c0dc1310b2ab1f4d6575985e1bc28671690d0c6f4f8fde79cc0fea7e1841849b58","first_seen":"2025-08-14T22:56:29.206535Z","last_seen":"2026-04-21T03:05:21.480281Z","times_seen":144,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/glxyon_160x160-1.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/glxyon_160x160-1.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:48 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 20 Apr 2026 10:50:48 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sPUJV99u%2Btgyd5dxxqPFc5rbL7s%2FHaD6ce4ZwTFFcO9wrZioIDSgbKaWIlzDZ%2FGqZ0f5QoHslEvrmcuS%2FYN1SVsYLpGvwOdxhuTq4qfVhh%2F%2BiPjyOss1yFAj7AVhCkTHO%2Ftsoyu%2B5A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef39715ec184e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1589,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"147ecb06c6774bcf19a8711eac03204c","sha1":"aeebbd4c4d74467ac6fd68cbc461d0c31df80ce0","sha256":"1dc3a0a7223b464bab89eeac43e6a9975b02d8834b9adee7ace6b165512f5056","sha512":"780a6081944f6ba92c6a2e872b9b8449da841a18e9b947d4e64318bfbe9357167e97f9014aad02a958daf4cdc0dcfeb2a998dd46d21ea82d6182e77875425f0d","ssdeep":"","tlshash":"c231c8d5e708c2fd4f566f9c481a42800fd31b1509c974b1fee66672392fc89b4a81ae","first_seen":"2026-04-20T10:51:23.43209Z","last_seen":"2026-04-21T03:05:21.476067Z","times_seen":3,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app-ondofinacne.help/538f67225838a32717a7cc38e4d48d5e/pltron_160x160-1.png","fqdn":"app-ondofinacne.help","domain":"app-ondofinacne.help","tld":"help"},"ip":{"addr":"172.67.163.186","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://app-ondofinacne.help/","date":"2026-04-20T10:50:48.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-ondofinacne.help","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 10:51:22 GMT","end":"Sat, 11 Jul 2026 10:51:21 GMT"},"fingerprint":{"sha1":"D2:2D:FC:26:E0:F4:20:F6:D8:E2:48:62:04:F2:07:CB:6B:6D:3C:E8","sha256":"8D:AE:46:78:DD:84:77:D3:11:A8:39:B5:C9:C9:ED:C5:78:54:67:5D:6B:46:84:04:ED:17:03:07:30:98:10:E1"}}},"request":{"raw":"GET /538f67225838a32717a7cc38e4d48d5e/pltron_160x160-1.png HTTP/1.1\r\nHost: app-ondofinacne.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app-ondofinacne.help/\r\nCookie: flow=13891; pechenka=f41c67441a5803a2d77267c608a3c64d; channel_id=881; extspecck_v9u382hIMpq0MS2palcm=0; extspecck_9cj328JSmqOote92K3av=30766463\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 20 Apr 2026 10:50:48 GMT\r\ncontent-type: image/png\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 20 Apr 2026 10:50:48 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aYhmIdJSCWSMsLV6AOZ9F%2B%2FPRgYtGzspKnlR11l%2By%2FNB7L%2FoN8%2FnopNv6Zc8GwhG1sUIpDpTqu8dcbYO%2BfaG%2F0%2BJuOHlOmZZqsaTjrchNWVFo1MR0nAJ0lqRTMotr1n%2BUGoIdYyyBA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ef39715fc204e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2286,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"c3a80d9d979c3de1a0d8ee6016a3bc38","sha1":"2e4ad38842156bae3307376ce885141ba4cf33ba","sha256":"873602a6fb5aa168468da557039174002b971abfe4c7d7b7c525ddc481587c96","sha512":"bf3203bb16e3d32981bbfcc9b920d9caf1a4c5337813ee897123b66fab5a57f52e65acde36d95408fd158cd562c460d6729f13d1c5b0b872ebe9b17270ad7861","ssdeep":"","tlshash":"3a412be52b0488826053863ff4c46aabd6068fd52dbc2717137177cd2e29c04a934a93","first_seen":"2026-04-20T10:51:23.43314Z","last_seen":"2026-04-21T03:05:21.486759Z","times_seen":3,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"app-ondofinacne.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}